SO_BINDANY and pf divert

Julian Elischer julian at
Wed Jul 30 21:44:12 UTC 2008

Attila Nagy wrote:
> Hello,
> OpenBSD's relayd has grown a very useful transparent relay support, 
> which means you can run a HTTP(S) reverse proxy transparently 
> (maintaining the source IP, while you have a different TCP stream open 
> from the proxy to the backend, even by terminating the SSL part and 
> speaking clear text HTTP to the backends).
> For this (as far as I could figure out, while trying to make this newer 
> relayd working on FreeBSD) two pieces are needed, which FreeBSD 
> currently lacks:
> - the SO_BINDANY support (see 
> and 
> - the pf part, which diverts the non-local packets to the given socket 
> (see and 

well, ipfw can do that.

> After having those said, the question is obvious. :)
> Does anybody feel the need for these two in FreeBSD and have the 
> competence and time to port them?
> Thanks,
> _______________________________________________
> freebsd-net at mailing list
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at"

More information about the freebsd-net mailing list